The exploitation view is mostly due to the anonymous nature of those personal, natural person individuals performing the decision to exploit. The personal cost to them of the decision is muted if it is felt at all: the endless layers of the corporate body shields them.
However, if their names attached to such decisions were plastered all over LinkedIn, GitHub, or the even the project "look who is using our project" page, the responsibility that went with that decision authority just went up a noticeable amount. With REST API access to graph-networked tracking of such decisions, someone's track record of these kinds of decisions will follow them. Forever. Such tracking will also start revealing companies with a certain track record. The consequences of that are up to those in the future making decisions whether to interact with those individuals. It could be neutral, beneficial, or adverse, depending upon who they deal with.
Also, nothing prevents open source projects from tapping such aggregated data in an automated fashion, and auto-updating an exception to their open source license. "Anyone may license under <foo-open-source> license, except for the following list of individuals: ..., And except for the following list of companies: ..., <followed-by-legal-stuff-preventing-assignations-for-example>. For you, <consequence-decided-by-project>." Licenses are similarly amended to generate the attribution data in the first place.
That consequence can be whatever strikes the fancy of the project. Whether it be must license commercially, must post a LinkedIn video of them singing "Good Ship Lollipop" before they can license under the open source license, must post an escrow bond they forfeit if they violate the terms, etc.
Shine a light upon the natural person authority, and see who steps into the spotlight proud to show off their accountability.
However, if their names attached to such decisions were plastered all over LinkedIn, GitHub, or the even the project "look who is using our project" page, the responsibility that went with that decision authority just went up a noticeable amount. With REST API access to graph-networked tracking of such decisions, someone's track record of these kinds of decisions will follow them. Forever. Such tracking will also start revealing companies with a certain track record. The consequences of that are up to those in the future making decisions whether to interact with those individuals. It could be neutral, beneficial, or adverse, depending upon who they deal with.
Also, nothing prevents open source projects from tapping such aggregated data in an automated fashion, and auto-updating an exception to their open source license. "Anyone may license under <foo-open-source> license, except for the following list of individuals: ..., And except for the following list of companies: ..., <followed-by-legal-stuff-preventing-assignations-for-example>. For you, <consequence-decided-by-project>." Licenses are similarly amended to generate the attribution data in the first place.
That consequence can be whatever strikes the fancy of the project. Whether it be must license commercially, must post a LinkedIn video of them singing "Good Ship Lollipop" before they can license under the open source license, must post an escrow bond they forfeit if they violate the terms, etc.
Shine a light upon the natural person authority, and see who steps into the spotlight proud to show off their accountability.